using System;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

public partial class Employee_UpdateEmployee : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!Page.IsPostBack)
            FillData();
    }

    private void FillData()
    {
        Connection newCon = new Connection();
        SqlConnection con = newCon.ConStr;

        SqlDataReader dr ;

        // open conneciton
        con.Open();

        // prepare command
        SqlCommand cmd = new SqlCommand("select * from Employee where username = @username", con);

        cmd.Parameters.AddWithValue("username", User.Identity.Name);

        dr = cmd.ExecuteReader();

        if (dr.Read())
        {
            TextBox1.Text = dr.GetString(1);
            TextBox2.Text = dr.GetString(2);
            TextBox3.Text = dr.GetDateTime(3).ToShortDateString();
            DropDownList1.SelectedValue = dr.GetBoolean(4).ToString();
            TextBox4.Text = dr.GetString(5);
            TextBox5.Text = dr.GetString(6);
            TextBox6.Text = dr.GetString(7);
        }
        else
            Label1.Text += "There was some errors loading your information, please try again.";

        // Close connection
        con.Close();
    }

    protected void Button1_Click(object sender, EventArgs e)
    {
        try
        {
            //Update in the DB
            // New connection
            Connection newCon = new Connection();
            SqlConnection con = newCon.ConStr;

            // open conneciton
            con.Open();

            // prepare command
            SqlCommand cmd = new SqlCommand("update Employee set password = @pass , fullname = @fullname , birthdate = @bdate , gender = @sex , email = @email , address = @address , tel = @tel where username = @username", con);
            
            cmd.Parameters.AddWithValue("username", User.Identity.Name);
            cmd.Parameters.AddWithValue("pass", TextBox1.Text);
            cmd.Parameters.AddWithValue("fullname", TextBox2.Text);
            cmd.Parameters.AddWithValue("bdate", TextBox3.Text);
            cmd.Parameters.AddWithValue("sex", DropDownList1.SelectedValue);
            cmd.Parameters.AddWithValue("email", TextBox4.Text);
            cmd.Parameters.AddWithValue("address", TextBox5.Text);
            cmd.Parameters.AddWithValue("tel", TextBox6.Text);

            // execute query
            cmd.ExecuteNonQuery();

            // close connection
            con.Close();
            Label1.Text = "";

            // Update in the ASP DB
            MembershipUser mu = Membership.GetUser(TextBox1.Text);
            
            mu.ChangePassword(mu.ResetPassword(), TextBox2.Text);
            Membership.UpdateUser(mu);
        }
        catch (Exception ex)
        {
            Label1.Text = "Cannot update your information: " + ex.Message;
        }

    }
}
